DarkCloud Stealer: A Multi-Stage Malware That Pilfers Sensitive Data
Attack Report. Summary: DarkCloud Stealer is a type of malware distributed worldwide through spam operations and designed to pilfer sensitive information from a victim’s device. The sale of DarkCloud Stealer was reported in January …
Mylobot: A Sophisticated Botnet Malware Targeting Computers Worldwide
Attack Report. Summary: Mylobot is a Windows-targeting malware and was first discovered in 2017. It has not received much attention since then, but it is noteworthy for its ability to transform the infected system …
WIP26 attacks Middle Eastern telecom service providers
Actor Report. Summary: The newly discovered WIP26 threat cluster is an espionage-focused group that has been concentrating on infiltrating Middle Eastern telecom companies. To evade detection, the group heavily relies on public cloud infrastructure …
A New Info-Stealing Malware Named “Stealc” Targeting Cryptocurrency Wallets
Attack Report. Summary: A new information-stealing malware called Stealc was discovered in January 2023. This malware is designed to steal sensitive information from various sources including web browsers, desktop cryptocurrency wallets, and browser extensions …
The Intricate Evolution of SoulSearcher Loader for Multi-Stage Malware Execution
Attack Report. Summary: SoulSearcher is a second-stage loader that has been seen in the wild since October 2017, and it is responsible for executing the Soul module payload and parsing its configuration. The samples …
Multiple Fortinet products are vulnerable to unauthorized code execution flaws
Vulnerability Report. Summary: Fortinet has released security updates to rectify security weaknesses in its range of products, such as FortiWeb, FortiOS, FortiNAC, FortiProxy, and others. The most significant vulnerability resides in the FortiNAC network …
APT Earth Kitsune delivers new WhiskerSpy malware via watering hole attack
Attack Report. Summary: Earth Kitsune, an advanced persistent threat (APT) actor known for targeting individuals interested in North Korea, as well as China, Brazil, and Japan, has been found to be using a new backdoor …
ProxyShellMiner Exploits Windows Exchange Server Vulnerabilities for Cryptocurrency Mining
Attack Report. Summary: ProxyShellMiner exploits Windows Exchange servers’ vulnerabilities, which are used to gain unauthorized access and compromise an organization, leading to the installation of cryptocurrency miners. …
Israel’s Technion Targeted by DarkBit Ransomware’s Campaign
Attack Report. Summary: The DarkBit ransomware is a newly emerged threat in the cybersecurity scene that has targeted Technion – Israel Institute of Technology, a prestigious academic institution in Israel. The attackers behind this …
New Ransomware Campaign “TZW” Linked to GlobeImposter Targets South Korean Organizations
Attack Report. Summary: A new ransomware campaign called TZW is affecting organizations in South Korea. The campaign is linked to the known malware family GlobeImposter, suggesting that the actors behind GlobeImposter are rebranding and …